Headline
Debian Security Advisory 5602-1
Debian Linux Security Advisory 5602-1 - Multiple security issues were discovered in Chromium, which could result in the execution of arbitrary code, denial of service or information disclosure. An exploit for CVE-2024-0519 exists in the wild.
-----BEGIN PGP SIGNED MESSAGE-----Hash: SHA256- -------------------------------------------------------------------------Debian Security Advisory DSA-5602-1 [email protected]://www.debian.org/security/ Andres SalomonJanuary 17, 2024 https://www.debian.org/security/faq- -------------------------------------------------------------------------Package : chromiumCVE ID : CVE-2024-0517 CVE-2024-0518 CVE-2024-0519Multiple security issues were discovered in Chromium, which could resultin the execution of arbitrary code, denial of service or informationdisclosure. An exploit for CVE-2024-0519 exists in the wild.For the oldstable distribution (bullseye), these problems have been fixedin version 120.0.6099.224-1~deb11u1.For the stable distribution (bookworm), these problems have been fixed inversion 120.0.6099.224-1~deb12u1.We recommend that you upgrade your chromium packages.For the detailed security status of chromium please refer toits security tracker page at:https://security-tracker.debian.org/tracker/chromiumFurther information about Debian Security Advisories, how to applythese updates to your system and frequently asked questions can befound at: https://www.debian.org/security/Mailing list: [email protected] PGP SIGNATURE-----iQIzBAEBCAAdFiEEUAUk+X1YiTIjs19qZF0CR8NudjcFAmWoZJcACgkQZF0CR8Nudjf/yhAAnSViUZwkqVXDm/yLl3oUfDsOkSooBuPIPexPRiHlcPWY+F4IlBEXgdruwN8/EuE4SLTxGxrortr8chuzyHHj2quJI/rOZwA/IBEAJ+X0iC71xyPkeqmS7rhNC9iJkwUrTcn+Sx4STBAvo/+7ZKQz9xwgS7Rx1vrmufG+SeCPX5SYvxaj4G/9rUugutcMzuQ96/ltfO02h53B9Zc85V0i0h0w7Y+Urmc+PAFnjx7eEToTxU7NhdU3xPVqu4a6VHs+TTn0MtcQs79lbq+e25kwQLaCbV4Sa2uOH/kwDFW2KmLNADrHBBgwKt439i5fY6NekPulnVowS0+feLwLAncr9xmA4sd2Qafd6Yvh1RRtwam06Bpmx6wtK3+LrX0zQW52BxGC+tRTWzs5lVDFRhNgi8DOPS83+co6NR2Qj87MUD1EU/VsgIphYu/ox4DwmgcQMD9NXmrnwOwKDFJk5qx4NBvP1zwGXWpuNxdTCF12IVIMExDZ0MmBRmYAbFZedNElzIyNTlTHHcYIA9X5KwC/2pROcTUeDRvRExe9Ej2O5SVn+ltu0EPEIsImC2yuLqrDcmfcuDYd83G0/2xV/NdCxbrxwcT2CoUDqCVdZaXkWGZYrebcH2Ym096d/sgZncfqsywdJJQxrBjof7ncooi6ngvnHhKhZNgFBw5732EupLM==u141-----END PGP SIGNATURE-----Related news
In recent years, the number and sophistication of zero-day vulnerabilities have surged, posing a critical threat to organizations of all sizes. A zero-day vulnerability is a security flaw in software that is unknown to the vendor and remains unpatched at the time of discovery. Attackers exploit these flaws before any defensive measures can be implemented, making zero-days a potent weapon for
Google has revealed that a security flaw that was patched as part of a security update rolled out last week to its Chrome browser has come under active exploitation in the wild. Tracked as CVE-2024-7965, the vulnerability has been described as an inappropriate implementation bug in the V8 JavaScript and WebAssembly engine. "Inappropriate implementation in V8 in Google Chrome prior to
Google has rolled out security fixes to address a high-severity security flaw in its Chrome browser that it said has come under active exploitation in the wild. Tracked as CVE-2024-7971, the vulnerability has been described as a type confusion bug in the V8 JavaScript and WebAssembly engine. "Type confusion in V8 in Google Chrome prior to 128.0.6613.84 allowed a remote attacker to exploit heap
Hello everyone! In this episode, I will talk about the February updates of my open source projects, also about projects at my main job at Positive Technologies and interesting vulnerabilities. Alternative video link (for Russia): https://vk.com/video-149273431_456239140 Let’s start with my open source projects. Vulremi A simple vulnerability remediation utility, Vulremi, now has a logo and […]
Gentoo Linux Security Advisory 202402-23 - Multiple vulnerabilities have been discovered in Chromium and its derivatives, the worst of which can lead to remote code execution. Versions greater than or equal to 121.0.6167.139 are affected.
Google has issued a security update for the Chrome browser that includes a patch for one zero-day vulnerability.
Google has issued a security update for the Chrome browser that includes a patch for one zero-day vulnerability.
Google has issued a security update for the Chrome browser that includes a patch for one zero-day vulnerability.
Google on Tuesday released updates to fix four security issues in its Chrome browser, including an actively exploited zero-day flaw. The issue, tracked as CVE-2024-0519, concerns an out-of-bounds memory access in the V8 JavaScript and WebAssembly engine, which can be weaponized by threat actors to trigger a crash. "By reading out-of-bounds memory, an attacker might be able to get secret values,